Tag: tutorial

Most of our customers are small-to-medium businesses with limited IT budgets across a variety of industries – including healthcare, education, manufacturing, and government. Having a limited IT budget often means having limited staff available for troubleshooting email or tracking down messages, so when considering which email gateway/spam filter you want for your business, one of the main criteria to consider is how easy it is to find messages for your users. Users who are expecting business-critical messages need to know ASAP what happened if that message is not delivered. With Security Gateway, it’s easy to find out if a message was rejected, quarantined or delivered. If it was rejected or quarantined, color-coded transcripts make it easy to determine exactly why the message was not delivered.

At-a-Glance: The Message Log Window

Let’s have a look at the message log and its layout.

Use buttons across the top to search messages, view message details, redeliver, whitelist or blacklist, or perform other actions.

Use the buttons across the top to:

Refresh the message list

Search for messages. Advanced search options are provided, allowing you to find messages based on a variety of criteria, such as message contents, delivery date, the result of the message delivery attempt, keywords in a message header, and others.

View message details (providing the same information as double-clicking the message)

Redeliver the message. Note that if the issue that made a message undeliverable still exists then the message will return to the message log with the same status.

Whitelist the sender or sender’s domain

Blacklist the sender or sender’s domain

Use the blue buttons to enable or disable columns in the SecurityGateway message list

Press the blue buttons to enable or disable specific columns.

The left & right-facing arrows indicate inbound and outbound messages.

The result of the message delivery attempt (Delivered, Quarantined, Rejected, etc.)

The reason the message was quarantined or rejected (for those that meet these criteria)

The message size

The final message score based on the total score accumulated by all security tests performed

Viewing message transcripts to determine a message’s fate

Now that we’re familiar with the layout of the message listing, let’s review how to troubleshoot email delivery issues.

Key events in a message’s transcript are color-coded for easy identification. In the following example, the message was scanned by SpamAssassin. During this process, it accumulated 1.7 points. It was then scanned by Outbreak Protection, during which it accumulated an additional 5.5 points. Finally, the total message score was tallied with a final score of 12.2 points and was rejected.

Message tracking with color-coded events for easy troubleshooting

We’ve created the following video to help you become more familiar with message tracking in Security Gateway.

Let’s face it. We all make mistakes. At one time or another, most of us have gotten a little hasty with the Send button when composing an email, and sent it to the wrong Frank Thomas, accidentally CC’d the customer in an inter-office communication, or realized the email was probably not such a good idea in the first place. These examples can be quite embarrassing, but other mistakes can result in legal trouble for you or your company. For example, healthcare providers can violate HIPAA regulations by sending an email containing protected health information (PHI) to the wrong person. Penalties for these HIPAA violations can be steep, ranging from $50,000 to $1.5 million.

To avoid these situations, your email solution should have a feature that lets you delay delivery of a message. With MDaemon Webmail, message scheduling options are just a mouse click away.

“This is all great, but why would I want to delay delivery of an important email message?”

There are many reasons why one might want to defer delivery of an email message.

Delaying message delivery for an hour or even a few minutes gives you time to take a break from it and review it with a refreshed perspective – providing another opportunity to catch errors you might have missed before.

Some email conversations go back and forth too quickly, so you might respond before you have all the information or ask questions that are already answered in the next message. Deferred delivery allows you to slow the process down so you’re not having to play email tag.

Deferred delivery can help prevent you from sending an angry email response during heated discussions. Allowing yourself a little extra time to re-think your message or to cancel the message altogether can help prevent a great deal of workplace conflict.

For companies that operate globally, deferred delivery allows users to schedule messages for delivery during peak business hours in the recipient’s country, increasing the likelihood that it will be seen.

We demonstrate how to defer delivery of an email message in MDaemon Webmail in this week’s tutorial video.

If you work in IT or manage a mail server, then you probably know that the vast majority of global email traffic consists of spam. However, if you’re an end user working for a small business in healthcare, manufacturing or education, the following statistic might surprise you:

In June 2018, spam made up a staggering 85.32% of all global email traffic.

A good spam filter & email gateway will filter out most of these malicious email messages circling the globe so that users and administrators can spend more time focusing on their business.

SecurityGateway for Email Servers was designed to make it easy for small-to-medium businesses to manage their inbound and outbound email security needs without taking up too much time that could be spent on more business-related tasks. It reduces the workload on administrators by providing automated user & domain creation and periodic quarantine report emails for end users. The focus on today’s “30-Second Email Tips” video is to demonstrate the quarantine report emails which allow users to manage their own quarantines so you can spend more time focusing on your business.

Many of SecurityGateway’s security settings (including heuristic and Bayesian analysis by the spam filter, DNS blacklists, SPF verification, DKIM verification, DMARC, and others) can be configured to perform one of three options for messages that fail a given security check:

Accept the message (and optionally place a tag in the message subject and add points to the message’s spam score)

Refuse the message

Quarantine the message

For messages that are placed in the quarantine, reports can be sent out to users so that they can decide what to do with these messages. Options provided are:

Release the message from quarantine

Always allow (whitelist) messages from the sender

Blacklist messages from the sender

We’ve created the following video to demonstrate these features.

SecurityGateway helps meet the needs of businesses that want an additional layer of security for their existing email server and businesses running Microsoft Exchange or another mail server that has cumbersome controls or a confusing interface – helping simplify the process of scanning inbound and outbound email for malicious content. Click here to learn more about SecurityGateway, or click here to download your free trial!

I’ve heard various opinions on what to do with an MDaemon account belonging to someone who has left a company. In a recent post on our community forums, an MDaemon administrator had set a former employee’s account to Frozen, and then configured an auto-responder for the account. Frozen accounts cannot send outbound email, and the user of a frozen account cannot check for new email.

Select this option if you wish to allow the account to receive incoming messages but prevent it from being able to check or send messages. This is useful when, for example, you suspect the account has been hijacked. Freezing the account would prevent the malicious user from accessing its messages or using the account to send messages, but it would still be able to receive its incoming email.

Let’s say an employee has left the company. As the MDaemon administrator, I don’t want that employee’s account to be used, so I place it in Frozen status via the main Account Details screen of the account editor, as shown here.

MDaemon Account Editor Showinng Frozen Account

Now let’s say I’ve enabled an auto-responder for the account, as shown here.

MDaemon Account Auto-Responder Enabled

In the following example, I’ve created the account frozen@brad.ssllock.com, and have configured the auto-responder.

When I send a test to frozen@brad.ssllock.com from training@mdaemon.com, the MDaemon server hosting the @brad.ssllock.com domain places the message in the frozen account’s mailbox, but the user is unable to log into webmail or access the inbox via another email client. When MDaemon then tries to send the auto-responder that we enabled for the frozen account, the message is moved to the Holding queue and the following is written to the MDaemon logs:

The result is that the auto-response never gets sent because the account is frozen.

The Solution

Rather than freezing the account, you could simply change the account’s password so that it can still accept mail and send auto-response messages. This can be done via the main Account Details screen, as shown here.

Account Details

If you prefer to freeze the account instead of changing its password, another option would be to create a content filter rule that would send your desired response to the original message sender instead of using the auto-responder. That content filter rule would look something like this:

Content Filter Rule

In this example, I created a rule that sends a reply to the sender of messages addressed to frozen.account@example.com using the “Send a NOTE 1” action. I then entered the $SENDER$ macro and the desired response. This message will be sent back to the message sender in response to a message originally sent to the frozen account.

You can get pretty creative with MDaemon’s content filter to perform a variety of tasks, so hopefully you found this helpful!

MDaemon’s webmail client is loaded with a variety of features for organization, collaboration and security. As a daily user of MDaemon Webmail (I use it almost exclusively instead of my desktop email client), I like to keep important messages organized so I can find them later. This is made easy with message categories (in addition to follow-up flags). Within the MDaemon webmail client, you’ll find a variety of built-in categories, or you can create your own custom categories. Multiple categories can be assigned to a message, and messages can be arranged by category, keeping all of your important messages in one, easy-to-find place.

If you’re like me, you like shortcuts that make life easier when performing common tasks. For example, if you work in finance or accounting, wouldn’t it be nice to be able to pull up all emails with the word “invoice” with a single mouse click? Well now you can. With the latest release of MDaemon, we introduced search folders in MDaemon Webmail. This week’s 30-Second Email Tips video will walk you through the setup process.

Search folders were added in MDaemon 17.5.1. If you’re running an older version of MDaemon, you could be missing out on some great new features!

Has this happened to you? Let’s say you’re the MDaemon administrator for your company, and you’ve noticed that somewhere, somehow, spam messages are being sent from within your network. Perhaps one of your PCs has been compromised. What do you do? Here are some tips to help you track the issue down.

First, make sure you have the option “Authentication is always required when mail is from local accounts” enabled (Security | Security Settings | SMTP Authentication). Also enable “Credentials used must match those of the return-path address” and “Credentials used must match those of the From header address.” Then, make sure “…unless message is sent to a local account” is unchecked to prevent intra-domain spam (between local domain users).

Make sure the appropriate boxes are checked to require SMTP authentication

Next, find out if the spam messages are coming in from an authenticated session. To do this, locate one of the spam messages & open it up in Notepad to view its headers (or you can open it in Queue & Statistics Manager). Does the message have an X-Authenticated-Sender header? It will look something like this:

X-Authenticated-Sender: SpammerUser@example.com

If this header is present, then that is the user who authenticated to send the message. The first thing you should do in this case is to change the account’s password via the Accounts menu in MDaemon. Even if the spamming is going through the user’s mail client, until you give the user the new password and they update their mail client the authentication credentials will be rejected and the spamming will be temporarily stopped.

In newer versions of MDaemon, we’ve added Account Hijack Detection, which will automatically disable an account if it sends a specified number of outbound messages via an authenticated session in a given period of time. We recommend enabling this feature. In MDaemon, it’s located under Security | Security Settings | Screening | Hijack Detection.

Account Hijack Detection

The next step is to look at the Received headers. Find the one where the message was received by your server. Here is an example of what this header would look like:

Find the connecting IP (192.198.1.121) in the above example. This is the machine that is sending out spam. Locate that machine to deal directly with the spambot on that machine.

If the message wasn’t authenticated or wasn’t sent from your local network, locate the Message-ID header and copy that value.

Message-ID: <123.xyx.someone@example.net>

Then open the MDaemon SMTP-IN log that covers the time when that message was received by MDaemon (based on the timestamp in the received header) and search for that Message-ID in the log (in the 250 response line when the message is accepted):

If you haven’t seen our YouTube channel lately, you’re missing out on some valuable information that can be used to help you manage MDaemon and SecurityGateway. Recently, we’ve added several new MDaemon tutorial videos. Here are a few that might interest you.

MDaemon Graphical User Interface (GUI) Overview

In this video, we provide a tour of MDaemon’s graphical user interface. We show you where to find key security, administration, and account management settings, how to navigate your way through the mail queues, and how to find information in the mail routing, security and spam filter logs using the tabs across the bottom of the MDaemon interface.

MDaemon’s File Structure

One of the benefits of MDaemon that make it easy to troubleshoot and administer is its file structure. All key settings are stored in configuration files located in the MDaemon/App directory, and user email messages are stored in the Users directory. This flat-file structure makes MDaemon very easy to backup and restore using simple drag & drop.

How to Enable and Use Two-Factor Authentication in WorldClient

Two-factor authentication is a security feature found in WorldClient, MDaemon’s webmail client, which requires users to submit two forms of identifying data – a password, and a special code or token, before they are able to login. Two-factor authentication helps prevent accounts from being hijacked by someone who manages to guess the account’s password. A potential hacker would have to know the second authenticating factor in order to access the account.

Enabling Do Not Disturb to Establish Work/Life Balance for Employees

MDaemon’s Do-Not-Disturb feature allows administrators to set a time during which certain users are not allowed to check for or send new email messages. In an age where we’re all constantly connected via mobile devices, this helps foster better work-life balance for your users.

In a previous video and blog post, I demonstrated how to maintain data privacy by encrypting email messages in WorldClient (MDaemon’s webmail client) using Virtru. However, this easy-to-use client-side email encryption feature does more than just email encryption. When you use Virtru Pro, you can set a message expiration period, revoke sent messages, or disable forwarding. In today’s video tutorial, I show you how to set a message expiration using WorldClient and Virtru.